Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Update DevicePolicyManager parent instance documentation" into nyc-dev

Browse Source 
am: 44da29407f

* commit '44da29407f3228811d5c1387a184fc68c388c5c7':
  Update DevicePolicyManager parent instance documentation
This commit is contained in:
Esteban Talavera
2016-02-19 09:42:28 +00:00
committed by android-build-merger
parent f2ff11238a 44da29407f
commit d76c5fedc8
2 changed files with 245 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
core/java/android/app/admin/DeviceAdminReceiver.java
View File

@@ -117,8 +117,8 @@ public class DeviceAdminReceiver extends BroadcastReceiver {
= "android.app.action.DEVICE_ADMIN_DISABLED";
/**
* Action sent to a device administrator when the user has changed the
* password of their device. You can at this point check the characteristics
* Action sent to a device administrator when the user has changed the password of their device
* or profile challenge. You can at this point check the characteristics
* of the new password with {@link DevicePolicyManager#isActivePasswordSufficient()
* DevicePolicyManager.isActivePasswordSufficient()}.
* You will generally
@@ -133,8 +133,8 @@ public class DeviceAdminReceiver extends BroadcastReceiver {
= "android.app.action.ACTION_PASSWORD_CHANGED";
/**
* Action sent to a device administrator when the user has failed at
* attempted to enter the password. You can at this point check the
* Action sent to a device administrator when the user has entered an incorrect device
* or profile challenge password. You can at this point check the
* number of failed password attempts there have been with
* {@link DevicePolicyManager#getCurrentFailedPasswordAttempts
* DevicePolicyManager.getCurrentFailedPasswordAttempts()}. You will generally
@@ -149,8 +149,9 @@ public class DeviceAdminReceiver extends BroadcastReceiver {
= "android.app.action.ACTION_PASSWORD_FAILED";
/**
* Action sent to a device administrator when the user has successfully
* entered their password, after failing one or more times.
* Action sent to a device administrator when the user has successfully entered their device
* or profile challenge password, after failing one or more times. You will generally
* handle this in {@link DeviceAdminReceiver#onPasswordSucceeded}.
*
* <p>The calling device admin must have requested
* {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} to receive
@@ -161,8 +162,9 @@ public class DeviceAdminReceiver extends BroadcastReceiver {
= "android.app.action.ACTION_PASSWORD_SUCCEEDED";
/**
* Action periodically sent to a device administrator when the device password
* is expiring.
* Action periodically sent to a device administrator when the device or profile challenge
* password is expiring. You will generally
* handle this in {@link DeviceAdminReceiver#onPasswordExpiring}.
*
* <p>The calling device admin must have requested
* {@link DeviceAdminInfo#USES_POLICY_EXPIRE_PASSWORD} to receive
@@ -417,7 +419,7 @@ public class DeviceAdminReceiver extends BroadcastReceiver {
}
/**
* Called after the user has changed their password, as a result of
* Called after the user has changed their device or profile challenge password, as a result of
* receiving {@link #ACTION_PASSWORD_CHANGED}. At this point you
* can use {@link DevicePolicyManager#getPasswordQuality(android.content.ComponentName)}
* to retrieve the active password characteristics.
@@ -428,10 +430,10 @@ public class DeviceAdminReceiver extends BroadcastReceiver {
}
/**
* Called after the user has failed at entering their current password, as a result of
* receiving {@link #ACTION_PASSWORD_FAILED}. At this point you
* can use {@link DevicePolicyManager} to retrieve the number of failed
* password attempts.
* Called after the user has failed at entering their device or profile challenge password,
* as a result of receiving {@link #ACTION_PASSWORD_FAILED}. At this point you can use
* {@link DevicePolicyManager#getCurrentFailedPasswordAttempts()} to retrieve the number of
* failed password attempts.
* @param context The running context as per {@link #onReceive}.
* @param intent The received intent as per {@link #onReceive}.
*/
@@ -439,7 +441,7 @@ public class DeviceAdminReceiver extends BroadcastReceiver {
}
/**
* Called after the user has succeeded at entering their current password,
* Called after the user has succeeded at entering their device or profile challenge password,
* as a result of receiving {@link #ACTION_PASSWORD_SUCCEEDED}. This will
* only be received the first time they succeed after having previously
* failed.
@@ -450,9 +452,9 @@ public class DeviceAdminReceiver extends BroadcastReceiver {
}
/**
* Called periodically when the password is about to expire or has expired. It will typically
* be called at these times: on device boot, once per day before the password expires,
* and at the time when the password expires.
* Called periodically when the device or profile challenge password is about to expire
* or has expired. It will typically be called at these times: on device boot, once per day
* before the password expires, and at the time when the password expires.
*
* <p>If the password is not updated by the user, this method will continue to be called
* once per day until the password is changed or the device admin disables password expiration.

290
core/java/android/app/admin/DevicePolicyManager.java
View File

@@ -849,6 +849,8 @@ public class DevicePolicyManager {
* this will trigger entering a new password for the parent of the profile.
* For all other cases it will trigger entering a new password for the user
* or profile it is launched from.
*
* @see #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD
*/
@SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION)
public static final String ACTION_SET_NEW_PASSWORD
@@ -1188,7 +1190,8 @@ public class DevicePolicyManager {
* restrictive as what has been set. Note that the current password
* will remain until the user has set a new one, so the change does not
* take place immediately. To prompt the user for a new password, use
* {@link #ACTION_SET_NEW_PASSWORD} after setting this value.
* {@link #ACTION_SET_NEW_PASSWORD} or
* {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after calling this method.
*
* <p>Quality constants are ordered so that higher values are more restrictive;
* thus the highest requested quality constant (between the policy set here,
@@ -1199,6 +1202,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
* @param quality The new desired quality. One of
* {@link #PASSWORD_QUALITY_UNSPECIFIED}, {@link #PASSWORD_QUALITY_SOMETHING},
@@ -1217,8 +1224,14 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current minimum password quality for all admins of this user
* and its profiles or a particular one.
* Retrieve the current minimum password quality for a particular admin or all admins that set
* retrictions on this user and its participating profiles. Restrictions on profiles that have
* a separate challenge are not taken into account.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to aggregate
* all admins.
*/
@@ -1245,7 +1258,8 @@ public class DevicePolicyManager {
* restrictive as what has been set. Note that the current password
* will remain until the user has set a new one, so the change does not
* take place immediately. To prompt the user for a new password, use
* {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This
* {@link #ACTION_SET_NEW_PASSWORD} or
* {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This
* constraint is only imposed if the administrator has also requested either
* {@link #PASSWORD_QUALITY_NUMERIC}, {@link #PASSWORD_QUALITY_NUMERIC_COMPLEX},
* {@link #PASSWORD_QUALITY_ALPHABETIC}, {@link #PASSWORD_QUALITY_ALPHANUMERIC},
@@ -1255,6 +1269,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
* @param length The new desired minimum password length. A value of 0
* means there is no restriction.
@@ -1270,7 +1288,14 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current minimum password length for all admins of this
* Retrieve the current minimum password length for a particular admin or all admins that set
* retrictions on this user and its participating profiles. Restrictions on profiles that have
* a separate challenge are not taken into account.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* user and its profiles or a particular one.
* @param admin The name of the admin component to check, or {@code null} to aggregate
* all admins.
@@ -1298,7 +1323,8 @@ public class DevicePolicyManager {
* not at least as restrictive as what has been set. Note that the current
* password will remain until the user has set a new one, so the change does
* not take place immediately. To prompt the user for a new password, use
* {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This
* {@link #ACTION_SET_NEW_PASSWORD} or
* {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This
* constraint is only imposed if the administrator has also requested
* {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The
* default value is 0.
@@ -1307,6 +1333,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated
* with.
* @param length The new desired minimum number of upper case letters
@@ -1324,13 +1354,19 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current number of upper case letters required in the
* password for all admins of this user and its profiles or a particular one.
* Retrieve the current number of upper case letters required in the password
* for a particular admin or all admins that set retrictions on this user and
* its participating profiles. Restrictions on profiles that have a separate challenge
* are not taken into account.
* This is the same value as set by
* {#link {@link #setPasswordMinimumUpperCase(ComponentName, int)}
* {@link #setPasswordMinimumUpperCase(ComponentName, int)}
* and only applies when the password quality is
* {@link #PASSWORD_QUALITY_COMPLEX}.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to
* aggregate all admins.
* @return The minimum number of upper case letters required in the
@@ -1359,7 +1395,8 @@ public class DevicePolicyManager {
* not at least as restrictive as what has been set. Note that the current
* password will remain until the user has set a new one, so the change does
* not take place immediately. To prompt the user for a new password, use
* {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This
* {@link #ACTION_SET_NEW_PASSWORD} or
* {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This
* constraint is only imposed if the administrator has also requested
* {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The
* default value is 0.
@@ -1368,6 +1405,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated
* with.
* @param length The new desired minimum number of lower case letters
@@ -1385,13 +1426,19 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current number of lower case letters required in the
* password for all admins of this user and its profiles or a particular one.
* Retrieve the current number of lower case letters required in the password
* for a particular admin or all admins that set retrictions on this user
* and its participating profiles. Restrictions on profiles that have
* a separate challenge are not taken into account.
* This is the same value as set by
* {#link {@link #setPasswordMinimumLowerCase(ComponentName, int)}
* {@link #setPasswordMinimumLowerCase(ComponentName, int)}
* and only applies when the password quality is
* {@link #PASSWORD_QUALITY_COMPLEX}.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to
* aggregate all admins.
* @return The minimum number of lower case letters required in the
@@ -1420,7 +1467,8 @@ public class DevicePolicyManager {
* restrictive as what has been set. Note that the current password will
* remain until the user has set a new one, so the change does not take
* place immediately. To prompt the user for a new password, use
* {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This
* {@link #ACTION_SET_NEW_PASSWORD} or
* {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This
* constraint is only imposed if the administrator has also requested
* {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The
* default value is 1.
@@ -1429,6 +1477,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated
* with.
* @param length The new desired minimum number of letters required in the
@@ -1445,12 +1497,19 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current number of letters required in the password for all
* admins or a particular one. This is the same value as
* set by {#link {@link #setPasswordMinimumLetters(ComponentName, int)}
* Retrieve the current number of letters required in the password
* for a particular admin or all admins that set retrictions on this user
* and its participating profiles. Restrictions on profiles that have
* a separate challenge are not taken into account.
* This is the same value as set by
* {@link #setPasswordMinimumLetters(ComponentName, int)}
* and only applies when the password quality is
* {@link #PASSWORD_QUALITY_COMPLEX}.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to
* aggregate all admins.
* @return The minimum number of letters required in the password.
@@ -1478,7 +1537,8 @@ public class DevicePolicyManager {
* not at least as restrictive as what has been set. Note that the current
* password will remain until the user has set a new one, so the change does
* not take place immediately. To prompt the user for a new password, use
* {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This
* {@link #ACTION_SET_NEW_PASSWORD} or
* {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This
* constraint is only imposed if the administrator has also requested
* {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The
* default value is 1.
@@ -1487,6 +1547,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated
* with.
* @param length The new desired minimum number of numerical digits required
@@ -1504,12 +1568,18 @@ public class DevicePolicyManager {
/**
* Retrieve the current number of numerical digits required in the password
* for all admins of this user and its profiles or a particular one.
* for a particular admin or all admins that set retrictions on this user
* and its participating profiles. Restrictions on profiles that have
* a separate challenge are not taken into account.
* This is the same value as set by
* {#link {@link #setPasswordMinimumNumeric(ComponentName, int)}
* {@link #setPasswordMinimumNumeric(ComponentName, int)}
* and only applies when the password quality is
* {@link #PASSWORD_QUALITY_COMPLEX}.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to
* aggregate all admins.
* @return The minimum number of numerical digits required in the password.
@@ -1537,7 +1607,8 @@ public class DevicePolicyManager {
* restrictive as what has been set. Note that the current password will
* remain until the user has set a new one, so the change does not take
* place immediately. To prompt the user for a new password, use
* {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This
* {@link #ACTION_SET_NEW_PASSWORD} or
* {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value. This
* constraint is only imposed if the administrator has also requested
* {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The
* default value is 1.
@@ -1546,6 +1617,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated
* with.
* @param length The new desired minimum number of symbols required in the
@@ -1562,12 +1637,18 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current number of symbols required in the password for all
* admins or a particular one. This is the same value as
* set by {#link {@link #setPasswordMinimumSymbols(ComponentName, int)}
* Retrieve the current number of symbols required in the password
* for a particular admin or all admins that set retrictions on this user
* and its participating profiles. Restrictions on profiles that have
* a separate challenge are not taken into account. This is the same value as
* set by {@link #setPasswordMinimumSymbols(ComponentName, int)}
* and only applies when the password quality is
* {@link #PASSWORD_QUALITY_COMPLEX}.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to
* aggregate all admins.
* @return The minimum number of symbols required in the password.
@@ -1595,7 +1676,8 @@ public class DevicePolicyManager {
* to enter a new password that is not at least as restrictive as what has
* been set. Note that the current password will remain until the user has
* set a new one, so the change does not take place immediately. To prompt
* the user for a new password, use {@link #ACTION_SET_NEW_PASSWORD} after
* the user for a new password, use {@link #ACTION_SET_NEW_PASSWORD} or
* {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after
* setting this value. This constraint is only imposed if the administrator
* has also requested {@link #PASSWORD_QUALITY_COMPLEX} with
* {@link #setPasswordQuality}. The default value is 0.
@@ -1604,6 +1686,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated
* with.
* @param length The new desired minimum number of letters required in the
@@ -1620,13 +1706,19 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current number of non-letter characters required in the
* password for all admins of this user and its profiles or a particular one.
* Retrieve the current number of non-letter characters required in the password
* for a particular admin or all admins that set retrictions on this user
* and its participating profiles. Restrictions on profiles that have
* a separate challenge are not taken into account.
* This is the same value as set by
* {#link {@link #setPasswordMinimumNonLetter(ComponentName, int)}
* {@link #setPasswordMinimumNonLetter(ComponentName, int)}
* and only applies when the password quality is
* {@link #PASSWORD_QUALITY_COMPLEX}.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to
* aggregate all admins.
* @return The minimum number of letters required in the password.
@@ -1653,7 +1745,8 @@ public class DevicePolicyManager {
* enter a new password that is the same as any password in the history. Note
* that the current password will remain until the user has set a new one, so
* the change does not take place immediately. To prompt the user for a new
* password, use {@link #ACTION_SET_NEW_PASSWORD} after setting this value.
* password, use {@link #ACTION_SET_NEW_PASSWORD} or
* {@link #ACTION_SET_NEW_PARENT_PROFILE_PASSWORD} after setting this value.
* This constraint is only imposed if the administrator has also requested
* either {@link #PASSWORD_QUALITY_NUMERIC}, {@link #PASSWORD_QUALITY_NUMERIC_COMPLEX}
* {@link #PASSWORD_QUALITY_ALPHABETIC}, or {@link #PASSWORD_QUALITY_ALPHANUMERIC}
@@ -1664,6 +1757,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this
* method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated
* with.
* @param length The new desired length of password history. A value of 0
@@ -1697,6 +1794,10 @@ public class DevicePolicyManager {
* <p> Note that setting the password will automatically reset the expiration time for all
* active admins. Active admins do not need to explicitly call this method in that case.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
* @param timeout The limit (in ms) that a password can remain in effect. A value of 0
* means there is no restriction (unlimited).
@@ -1715,7 +1816,12 @@ public class DevicePolicyManager {
* Get the password expiration timeout for the given admin. The expiration timeout is the
* recurring expiration timeout provided in the call to
* {@link #setPasswordExpirationTimeout(ComponentName, long)} for the given admin or the
* aggregate of all policy administrators if {@code admin} is null.
* aggregate of all participating policy administrators if {@code admin} is null. Admins that
* have set restrictions on profiles that have a separate challenge are not taken into account.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to aggregate all admins.
* @return The timeout for the given admin or the minimum of all timeouts
@@ -1732,14 +1838,17 @@ public class DevicePolicyManager {
}
/**
* Get the current password expiration time for the given admin or an aggregate of
* all admins of this user and its profiles if admin is null. If the password is
* expired, this will return the time since the password expired as a negative number.
* If admin is null, then a composite of all expiration timeouts is returned
* - which will be the minimum of all timeouts.
* Get the current password expiration time for a particular admin or all admins that set
* retrictions on this user and its participating profiles. Restrictions on profiles that have
* a separate challenge are not taken into account. If admin is {@code null}, then a composite
* of all expiration times is returned - which will be the minimum of all of them.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* the password expiration for the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to aggregate all admins.
* @return The password expiration time, in ms.
* @return The password expiration time, in milliseconds since epoch.
*/
public long getPasswordExpiration(@Nullable ComponentName admin) {
if (mService != null) {
@@ -1753,8 +1862,14 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current password history length for all admins of this
* user and its profiles or a particular one.
* Retrieve the current password history length for a particular admin or all admins that
* set retrictions on this user and its participating profiles. Restrictions on profiles that
* have a separate challenge are not taken into account.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to aggregate
* all admins.
* @return The length of the password history
@@ -1788,13 +1903,18 @@ public class DevicePolicyManager {
/**
* Determine whether the current password the user has set is sufficient
* to meet the policy requirements (quality, minimum length) that have been
* requested by the admins of this user and its profiles that don't have a separate challenge.
* to meet the policy requirements (e.g. quality, minimum length) that have been
* requested by the admins of this user and its participating profiles.
* Restrictions on profiles that have a separate challenge are not taken into account.
*
* <p>The calling device admin must have requested
* {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to determine
* if the password set on the parent profile is sufficient.
*
* @return Returns true if the password meets the current requirements, else false.
*/
public boolean isActivePasswordSufficient() {
@@ -1810,7 +1930,7 @@ public class DevicePolicyManager {
/**
* Determine whether the current profile password the user has set is sufficient
* to meet the policy requirements (quality, minimum length) that have been
* to meet the policy requirements (e.g. quality, minimum length) that have been
* requested by the admins of the parent user and its profiles.
*
* @param userHandle the userId of the profile to check the password for.
@@ -1832,6 +1952,10 @@ public class DevicePolicyManager {
* Retrieve the number of times the user has failed at entering a
* password since that last successful password entry.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* the number of failed password attemts for the parent user.
*
* <p>The calling device admin must have requested
* {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} to be able to call
* this method; if it has not, a security exception will be thrown.
@@ -1880,7 +2004,7 @@ public class DevicePolicyManager {
/**
* Setting this to a value greater than zero enables a built-in policy
* that will perform a device wipe after too many incorrect
* that will perform a device or profile wipe after too many incorrect
* device-unlock passwords have been entered. This built-in policy combines
* watching for failed passwords and wiping the device, and requires
* that you request both {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} and
@@ -1891,11 +2015,15 @@ public class DevicePolicyManager {
* failure to a server), you should implement
* {@link DeviceAdminReceiver#onPasswordFailed(Context, android.content.Intent)}
* instead. Do not use this API, because if the maximum count is reached,
* the device will be wiped immediately, and your callback will not be invoked.
* the device or profile will be wiped immediately, and your callback will not be invoked.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* a value on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
* @param num The number of failed password attempts at which point the
* device will wipe its data.
* device or profile will be wiped.
*/
public void setMaximumFailedPasswordsForWipe(@NonNull ComponentName admin, int num) {
if (mService != null) {
@@ -1908,9 +2036,15 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current maximum number of login attempts that are allowed
* before the device wipes itself, for all admins of this user and its profiles
* or a particular one.
* Retrieve the current maximum number of login attempts that are allowed before the device
* or profile is wiped, for a particular admin or all admins that set retrictions on this user
* and its participating profiles. Restrictions on profiles that have a separate challenge are
* not taken into account.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* the value for the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to aggregate
* all admins.
*/
@@ -2027,6 +2161,10 @@ public class DevicePolicyManager {
* {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to set
* restrictions on the parent profile.
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
* @param timeMs The new desired maximum time to lock in milliseconds.
* A value of 0 means there is no restriction.
@@ -2042,8 +2180,14 @@ public class DevicePolicyManager {
}
/**
* Retrieve the current maximum time to unlock for all admins of this user
* and its profiles or a particular one.
* Retrieve the current maximum time to unlock for a particular admin or all admins that set
* retrictions on this user and its participating profiles. Restrictions on profiles that have
* a separate challenge are not taken into account.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to aggregate
* all admins.
* @return time in milliseconds for the given admin or the minimum value (strictest) of
@@ -2072,6 +2216,10 @@ public class DevicePolicyManager {
* <p>The calling device admin must have requested
* {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call
* this method; if it has not, a security exception will be thrown.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to lock
* the parent profile.
*/
public void lockNow() {
if (mService != null) {
@@ -2570,7 +2718,7 @@ public class DevicePolicyManager {
try {
return mService.removeKeyPair(admin, alias);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
Log.w(TAG, REMOTE_EXCEPTION_MESSAGE, e);
}
return false;
}
@@ -2893,17 +3041,25 @@ public class DevicePolicyManager {
* this method; if it has not, a security exception will be thrown.
*
* <p>Calling this from a managed profile before version
* {@link android.os.Build.VERSION_CODES#M} will throw a security exception.
*
* <p>From version {@link android.os.Build.VERSION_CODES#M} a profile owner can set:
* {@link android.os.Build.VERSION_CODES#M} will throw a security exception. From version
* {@link android.os.Build.VERSION_CODES#M} the profile owner of a managed profile can set:
* <ul>
* <li>{@link #KEYGUARD_DISABLE_TRUST_AGENTS}, {@link #KEYGUARD_DISABLE_FINGERPRINT}
* these will affect the profile's parent user.
* <li>{@link #KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS} this will affect notifications
* generated by applications in the managed profile.
* <li>{@link #KEYGUARD_DISABLE_TRUST_AGENTS}, which affects the parent user, but only if there
* is no separate challenge set on the managed profile.
* <li>{@link #KEYGUARD_DISABLE_FINGERPRINT} which affects the managed profile challenge if
* there is one, or the parent user otherwise.
* <li>{@link #KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS} which affects notifications
* generated by applications in the managed profile.
* </ul>
* <p>Requests to disable other features on a managed profile will be ignored. The admin
* can check which features have been disabled by calling
*
* {@link #KEYGUARD_DISABLE_TRUST_AGENTS} and {@link #KEYGUARD_DISABLE_FINGERPRINT} can also be
* set on the {@link DevicePolicyManager} instance returned by
* {@link #getParentProfileInstance(ComponentName)} in order to set restrictions on the
* parent profile.
*
* <p>Requests to disable other features on a managed profile will be ignored.
*
* <p>The admin can check which features have been disabled by calling
* {@link #getKeyguardDisabledFeatures(ComponentName)}
*
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
@@ -2925,7 +3081,13 @@ public class DevicePolicyManager {
/**
* Determine whether or not features have been disabled in keyguard either by the calling
* admin, if specified, or all admins.
* admin, if specified, or all admins that set retrictions on this user and its participating
* profiles. Restrictions on profiles that have a separate challenge are not taken into account.
*
* <p>This method can be called on the {@link DevicePolicyManager} instance
* returned by {@link #getParentProfileInstance(ComponentName)} in order to retrieve
* restrictions on the parent profile.
*
* @param admin The name of the admin component to check, or {@code null} to check whether any
* admins have disabled features in keyguard.
* @return bitfield of flags. See {@link #setKeyguardDisabledFeatures(ComponentName, int)}
@@ -3502,7 +3664,7 @@ public class DevicePolicyManager {
try {
return mService.setPackagesSuspended(admin, packageNames, suspended);
} catch (RemoteException re) {
Log.w(TAG, "Failed talking with device policy service", re);
Log.w(TAG, REMOTE_EXCEPTION_MESSAGE, re);
}
}
return packageNames;
@@ -3521,7 +3683,7 @@ public class DevicePolicyManager {
try {
return mService.getPackageSuspended(admin, packageName);
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
Log.w(TAG, REMOTE_EXCEPTION_MESSAGE, e);
}
}
return false;
@@ -5786,7 +5948,7 @@ public class DevicePolicyManager {
try {
mService.setAffiliationIds(admin, new ArrayList<String>(ids));
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
Log.w(TAG, REMOTE_EXCEPTION_MESSAGE, e);
}
}
@@ -5801,7 +5963,7 @@ public class DevicePolicyManager {
try {
return mService != null && mService.isAffiliatedUser();
} catch (RemoteException e) {
Log.w(TAG, "Failed talking with device policy service", e);
Log.w(TAG, REMOTE_EXCEPTION_MESSAGE, e);
return false;
}
}